Arbitrary code execution vulnerability in Vim < 8.1.1365 and Neovim < 0.3.6 via modelines. Also, why you should not use Vim with default config, or cat without -v. Reference: https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md https://twitter.com/rawsec/status/1135895908594409472/photo/1
Created neovim tracking bugs for this issue: Affects: fedora-all [bug 1717950] Created vim tracking bugs for this issue: Affects: fedora-all [bug 1717949]
Created neovim tracking bugs for this issue: Affects: epel-7 [bug 1717951]
*** This bug has been marked as a duplicate of bug 1718308 ***